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IN THE CLAIMS 



1 1 . (original) A method comprising the steps of: 

2 receiving from a customer over a network an application for a credit card 

3 authorization, a non-migratable key, a first certificate by a Trusted Platform Module 

4 (TPM) identity associated with a computer system used by the customer, and a 

5 second certificate acquired by the computer system from a Certification Authority 

6 (CA); 

7 creating a public/private key pair and a third certificate in response to the 

8 receiving step; and 

9 sending the public/private key pair and the third certificate to the customer 
1 0 over the network. 

1 2. (original) The method as recited in claim 1, wherein after the sending step, 

2 the customer is capable of using the public/private key pair and the third certificate to 

3 make purchases over the network. 

1 3. (original) The method as recited in claim 1, wherein the TPM identity is a 

2 public/private key pair created as a result of a command by the customer input into 

3 the computer system. 

1 4. (original) The method as recited in claim 1, wherein the second certificate is 

2 created by the Certification Authority in response to receiving a third certificate 

3 signed by a manufacturer of the TPM and a public key of the TPM identity. 

1 5. (original) The method as recited in claim 4, wherein the third certificate is 

2 associated with an endorsement key of the TPM. 
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1 6. (original) The method as recited in claim 1 , wherein the network is the 

2 Internet. 

1 7. (original) A method comprising the steps of: 

2 creating a TPM identity at a customer's computer system; 

3 the customer's computer system obtaining a first certificate from a first server 

4 supporting a CA over a network; 

5 the customer's computer system creating a non-migratable key; and 

6 transferring an application for a credit card authorization, the TPM identity, 

7 the non-migratable key, and the first certificate from the customer's computer system 

8 to a second server supporting a credit card company. 

1 8. (original) The method as recited in claim 7, further comprising the steps of: 

2 the second server supporting the credit card company creating a public/private 

3 key pair and a second certificate in response to the transferring step; and 

4 transferring the public/private key pair and the second certificate from the 

5 second server supporting the credit card company to the customer's computer system. 

1 9. (original) The method as recited in claim 8, wherein the step of transferring 

2 the public/private key pair and the second certificate from the second server 

3 supporting the credit card company to the customer's computer system is performed 

4 using a traditional mail service. 

1 10. (original) The method as recited in claim 8, wherein the step of transferring 

2 the public/private key pair and the second certificate from the second server 

3 supporting the credit card company to the customer's computer system is performed 

4 using the network. 
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1 11. (original) The method as recited in claim 8 5 further comprising the step of: 

2 a customer using the public/private key pair and the second certificate for 

3 commercial transactions over the network. 

1 12. (original) The method as recited in claim 1 1 , wherein the network is the 

2 Internet. 

1 13. (original) The method as recited in claim 7, wherein the creating step further 

2 comprises creating a public/private key pair. 

1 14. (original) The method as recited in claim 1 3, wherein the step of the 

2 customer's computer system obtaining the first certificate from the first server 

3 supporting the CA over the network further comprises the steps of: 

4 transferring from the customers computer system to the first server supporting 

5 the CA a public portion of the public/private key pair created when the TPM identity 

6 is created and a third certificate associated with an endorsement key of the TPM; 

7 the CA checking an authenticity of the third certificate; 

8 the CA creating a fourth certificate for the TPM identity; 

9 the CA encrypting the fourth certificate; 

1 0 the CA bundling the encrypted fourth certificate with the public portion of the 

1 1 public/private key pair created when the TPM identity is created to create a first 

12 bundle; and 

13 the CA encrypting the first bundle with a public key of the third certificate to 

14 create a second bundle. 

1 15. (original) The method as recited in claim 14, wherein the step of transferring 

2 the public/private key pair and the second certificate from the second server 
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3 supporting the credit card company to the customer's computer system further 

4 comprises the steps of: 

5 the TPM decrypting the second bundle with a private portion of the third 

6 certificate producing the first bundle; and 

7 the TPM decrypting the first bundle with a private portion of the 

8 public/private key pair created when the TPM identity is created. 

1 16. (original) A computer program product adaptable for storage on a computer 

2 readable medium, comprising the program steps of: 

3 receiving from a customer over a network an application for a credit card 

4 authorization, a non-migratable key, a first certificate by a Trusted Platform Module 

5 (TPM) identity associated with a computer system used by the customer, and a 

6 second certificate acquired by the computer system from a Certification Authority 

7 (CA); 

8 creating a public/private key pair and a third certificate in response to the 

9 receiving step; and 

1 0 sending the public/private key pair and the third certificate to the customer 

1 1 over the network. 

1 17. (original) The computer program product as recited in claim 16, wherein after 

2 the sending step, the customer is capable of using the public/private key pair and the 

3 third certificate to make purchases over the network. 

1 18. (original) The computer program product as recited in claim 16, wherein the 

2 TPM identity is a public/private key pair created as a result of a command by the 

3 customer input into the computer system. 
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1 19. (original) The computer program product as recited in claim 16, wherein the 

2 second certificate is created by the Certification Authority in response to receiving a 

3 third certificate signed by a manufacturer of the TPM and a public key of the TPM 

4 identity. 

1 20. (original) The computer program product as recited in claim 1 9 5 wherein the 

2 third certificate is associated with an endorsement key of the TPM. 

1 21. (original) A computer program product adaptable for storage on a computer 

2 readable medium, comprising the program steps of: 

3 creating a TPM identity; 

4 obtaining a first certificate from a CA; 

5 creating a non-migratable key; 

6 contacting a web site supporting a credit card company; 

7 sending to the web site an application for a credit card authorization, the TPM 

8 identity, the first certificate, and the non-migratable key; and 

9 receiving from the web site a public/private key pair and a second certificate 
1 0 enabling the credit card authorization. 

1 22. (original) The computer program product as recited in claim 21 , further 

2 comprising the program step of: 

3 conducting a commercial transaction over the Internet using the credit card 

4 authorization as enabled by the public/private key pair and the second certificate. 

1 23 . (original) The computer program product as recited in claim 2 1 , wherein the 

2 non-migratable key is a signing key. 
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1 24. (original) The computer program product as recited in claim 2 1 , wherein the 

2 non-migratable key is a storage key. 

1 25. (original) A system comprising: 

2 a server supporting a web site of a credit card company; 

3 a customer computer including a TPM; 

4 a network linked to the server and the customer computer; 

5 first software stored in memory in the customer computer for requesting the 

6 TPM to create a TPM identity; 

7 second software stored in memory in the customer computer for obtaining a 

8 first certificate over the network from a CA; 

9 third software stored in memory in the customer computer for creating a non- 

10 migratable key; 

1 1 fourth software stored in memory in the customer computer for browsing the 

1 2 web site of the credit card company over the network; 

1 3 fifth software stored in memory in the customer computer for sending an 

14 application for a credit card authorization to the web site of the credit card company 

1 5 over the network; 

1 6 sixth software stored in memory in the customer computer for sending to the 

1 7 web site of the credit card company over the network the TPM identity, the first 

1 8 certificate, and the non-migratable key; 

1 9 the web site of the credit card company creating a public/private key pair and 

20 a second certificate; and 

21 the web site of the credit card company sending the public/private key pair 

22 and the second certificate over the network to the customer computer. 
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